隱私權政策簡要概述

關於如何處理您的隱私

當您造訪 SimplyBook.me Ltd 官方網站及相關軟體服務(受我們的 網站條款及條件約束)時,您信任我們處理您的個人數據。確實,我們處理了大量不同的數據,也正因為如此,我們致力於維護您對我們的信任,且以此做為目標。

為了幫助您了解我們如何實現此目標,您可以仔細查閱關於我們如何解釋隱私規範的文件內容。這將幫助您了解我們如何蒐集、使用&視情況共享您的個人數據及您也可以了解該採取哪些措施,而關於我們使用這些資訊,有始至終都是以為您提供最佳服務為目標。

請您點擊 此處,一併閱讀我們的已簽署的 數據處理協議 DPA 服務條約及條款T&C。 備註:為了您的方便,我們將此頁面英文版資訊(統稱為 SimplyBook.me Ltd 條款)翻譯成多種語系。在任何非英文語系的版本中,若有任何翻譯不一致的地方,應以英文版本的內容為主,同時也建議您查閱 SimplyBook.me 英文版條款。

  • 01

    資料蒐集:

    我們蒐集了哪些個人資料?

    • 在您註冊和使用我們的系統時,向我們所提供的資訊,如:您的姓名、電子郵件、地址等;

    • 您創建&使用我們的服務時的數據,如:IP 位址、瀏覽器類型等。

  • 02

    資料處理:

    在什麼情況下我們使用您的個人資訊?

    • 為您提供更卓越的服務

    • 提昇我們的網站效能及服務效率

    • 讓您在可能的情況下進行互動

    • 提供您需要的客服支援

    • 用於系統優化研究及開發

  • 03

    資料共享:

    我們像誰共享您的資訊?

    • As part of team.blue group, with our service providers when needed;

    • with other people such as our contractors and consultants) and companies such as payment systems providers we collaborate, see section Share of your personal data, below.

    請查閱我們的數據處理協議 (DPA) 以了解更多。

  • 04

    資料儲存:

    您的個人資料儲存在哪裡?

    We are a company based in Cyprus and store your personal data worldwide, depending on the location of your business. For EU based businesses though your data including backups is stored in the EU, it may be transferred outside the EU. See more information under Where is your personal data stored?

  • 05

    資料所有者的權利:

    做為資料所有人,您有什麼權利?

    • 索取一份關於您個人數據的副本,在資料有誤的情況下,您可以要求我們修改您個人數據中包含的某些內容

    • 要求我們刪除部分或全部個人資訊

    • 限制或要求我們完全停止處理您的個人資訊

    • 要求我們將您的數據提供給另一間公司

    • 收回您提供給我們的資料處理權限

    • If you are outside the EU or EEA and GDPR does not apply there is a special section for your rights.

SimplyBook.me LTD 的隱私政策

I. 介紹

這是 SimplyBook.me 的隱私權政策,將解釋我們如何在所有的營運業務中,遵守一般資料保護條例 (EU) 2016/679 ( GDPR 個資法規範) 及其他國家&國際適用的法律和法規。

我們已實施措施和記錄,並符合 GDPR 資法規範認證,因此可以負責處理您的個人資訊。尊重 GDPR 規範的原則(合法性、公平性及透明度、利用目的限制、資料. 最少蒐集、正確性、儲存限制、完整性機密性(安全性)和責任制 )是我們所有營運業務處理個人數據的重要核心。

II. 與我們有關的資訊

We are SimplyBook.me Ltd and provide an appointment booking solution including a wide range of features such as promotion and marketing system, sales system and client contact system (collectively the “Services”). You may check our Terms and Conditions, containing more details of our services and our legal obligations, together with our Data Processing Agreement overview and signed version here.

為了遵守 GDPR 規範,當您造訪我們的官網 www.simplybook.me 及其他由我們營運的子網站時,我們將知會您我們是「資料控管者」,並根據您接受之敝司營運的網站 使用者條款政策(T&C),對您的個人資料能有其決定權。

對於本文件以及所有隱私和個人數據保護之目的,我們的資訊和聯繫方式如下:

III. 我們所蒐集與您有關的資訊

當您造訪我們的網站並希望使用我們的服務時,根據我們的 使用者條款政策(T&C),我們需要蒐集有關您的各類資訊。在此段落中,我們將解釋我們如何處理特定的個人資訊和必要的來源管理。對於處理資料的部份,我們也將闡明為什麼我們需要蒐集和使用個人資訊,以及基於法律依據所採取的動作。

使用數據

數據包含了 使用此網站及我們提供的系統服務,如:公司資訊、IP 位址、地理位置、瀏覽器類型及版本、作業系統、推薦來源、造訪網頁時間、頁面瀏覽量及網站瀏覽路徑,另外也包含了有關系統使用的時間、頻率和使用習慣等資訊。

  • 來源:

    分析追蹤系統,如:Google 分析等服務。

  • 目的:

    幫助了解哪個子網站更適合您,並為您提供更多資訊,改進我們的服務,同時根據您的需求提供使用建議。

  • 法律基礎:

    合法權益 ➝ 監控並改善我們的網站、系統、客戶服務及系統品質。

帳戶資料

以下資訊是當您註冊帳戶、建立或編輯個人資料、設定系統或透過系統購買時,將會提供給我們的資訊,如:姓名、聯絡電子郵件、個人照片、個人資料或其他詳細資訊等。相關資訊將會顯示於您的服務供應者頁面或是公司主頁中,讓客戶更了解您的品牌進而預約您的服務。

請注意,當設定相關網站資訊時,我們會追蹤您的設定偏好。

  • 來源:

    您與您的雇主或使用者以個人或公司為目的,建立並設定帳戶。

  • 目的:

    營運我們的網站、提供服務,並確保我們的網站及服務之安全性,維護資料備份,同時用於與您保持聯繫。

  • 法律基礎:

    合法權益與合約義務 ➝ 為您提供我們的系統服務,以便您能透過我們的服務,展示您的品牌資訊並推廣銷售服務及商品。

使用者的客戶資訊

這些資訊是使用者的客戶,透過軟體預約時,所輸入的資料,如:姓名、電子郵件等。

  • 來源:

    您與您的雇主或使用者以個人或公司為目的,建立並設定帳戶。

  • 目的:

    營運網站以利幫助您的客戶,輕鬆挑選服務供應者並有效率的完成線上預約。

  • 法律基礎:

    合法權益&合約義務 ➝ 使系統及服務能如常運行。

服務供應者的資訊

當您在系統帳戶中,新增服務供應者資訊,如:姓名、地址、電話號碼、電子郵件、個人照片及其他資訊等。

若您並為明確指出不希望顯示相關資訊於指定頁面,則以下特定資料將可被選取顯示於:使用者的預約網頁、在官網中加入的預約套件、使用者的社群資料、我們的目錄網站(展示所有客戶資訊)等。

  • 來源:

    資料當事者及資料控管者

  • 目的:

    挑選品牌用戶所提供的服務並完成線上預約。

  • 法律基礎:

    合法權益&合約義務 ➝ 使系統及服務能如常運行。

公開資料

您提供的可預約項目、銷售產品、為行銷推廣活動建立得資訊或公司的基本資料。

您充分了解透過我們的系統或服務,提供的相關資料,如:您個人、您的公司、服務供應者、產品、行銷活動、服務項目或其他相關事物的的資訊,都將在網際網路世界中公開顯示。我們 無法阻止其他人使用(或濫用)此類相關數據。

  • 來源:

    您與您的雇主或使用者以個人或公司為目的,建立並設定帳戶。

  • 目的:

    營運系統以幫助消費者可以有效完成線上預約&購買商品,並且閱讀您提供的品牌資訊,了解您的業務項目。

  • 法律基礎:

    合法權益&合約義務 ➝ 使系統及服務能如常運行。

提問資訊

此資訊包含任何系統檢查所需之提問資訊,如:您透過電子郵件或線上客服 向我們提交的系統或服務相關資訊。

  • 來源:

    您、相關系統建置者、公司目的或您的客戶。

  • 目的:

    分析我們的使用者遇到的問題,並協助他們解決狀況,且在需要持優化系統。

  • 法律基礎:

    合法權益 ➝ 使系統及服務能如常運行。

交易資訊

您與我們和/或透過我們的網站簽訂與交易有關的資訊,包含:購買商品、服務的聯絡資料和交易明細。

  • 來源:

    您即為資料當事人

  • 目的:

    提供購買的商品即服務項目,並且將妥善保存這些交易記錄。

  • 法律基礎:

    法律義務 - 適當的管理帳務

我們使用我們獨立開發的 Notando 會計系統 來處理交易,並在我們擁有的專用伺服器中運作(歐盟)。我們必須將包含您的購買資訊、姓名、地址、電子郵件及收據保管 7 年,以用於財務報告及處理增值稅等目的。

公司資訊

包含您在我們系統之公司資訊欄位內,輸入的相關資訊 ,如:名稱、電話號碼、電子郵件、公司視覺及其他相關資訊等。

若您並為明確表示不顯示這些資訊,則這些特定資訊將會顯示於:您的預約網頁、在官網中加入的預約套件、使用者的社群資料、我們的目錄網站(展示所有客戶資訊)等頁面中。

  • 來源:

    您與您的雇主或使用者以個人或公司為目的,建立並設定帳戶。

  • 目的:

    您與您的雇主或使用者以個人或公司為目的,建立並設定帳戶。

  • 法律基礎:

    合法權益&合約義務 ➝ 使系統及服務能如常運行。

系統通知資訊

您為了 訂閱我們的電子郵件和/或最新消息時,所提供的相關資訊。

  • 來源:

    您即為資料當事人

  • 目的:

    向您發送相關的通知和/或即時資訊,以告知您關於系統的調整,並分享 SimplyBook.me 使用秘訣,幫助您更快上手。

  • 法律基礎:

    同意 ➝ 接收來自我們發送的特定資訊,若無此需求時,可聯繫我們來撤銷發送權。

通訊數據

包含您透過任何頻道/方式,發送給我們的所有溝通資訊

  • 來源:

    您即為資料當事人

  • 目的:

    與您保持溝通並保留相關記錄。

  • 法律基礎:

    合法權益 ➝ 正確管理我們的網站和業務以及與用戶間的溝通。

除了上述關於處理您個人數據的具體法律依據外,在某些情況下,可能需要為了我們的 法律權益 ,來處理相關個人數據,如下所示:

無論是在法庭訴訟中,或是在行政&庭外處理程序中,為確立、行使或辯護之法律主張;

以適當保護我們的商業權利,避免受到風險並獲得或保留保險可涵蓋之理賠範圍、管理風險及取得專業建議。

IV. 我們將您的資訊存放在哪?

Your personal data is stored on servers located in three reputable data centers, in Canada, France and Singapore all of which meet the R82 and R81 APSAD standards and work according to ISO/IEC 27001 standard. Check out how we always prioritise the importance of information security, here.

針對我們的企業版客戶,我們提供位於 加拿大、英國、澳洲、比利時或任何其他地點的專屬伺服器,將視其可用性和其他需求及法律義務為準。

Get in contact with us to Find out more about this

V. 您的資料將被保存多久??

我們必須遵守與資料保存&資料刪除有關的多項法律義務。因此,再所有情況下,我們只會再此處所樹的處理目的之所需的時間內,保存您的數據,同時遵守 GDPR 的「資料保存」原則。這意味著,只要您仍然是我們系統的用戶,您就可以隨時編輯這些資訊,並透過取消使用系統來請求刪除。由於我們將所有的資料庫備份時間設定為 30 天,因此這些資訊在我們伺服器中,最久可能將存放 30 天,當超過此天數上限,該資料將會被刪除。

VI. 隱私納入設計&設計由隱私出發

We have implemented “appropriate technical and organisational measures” in order to follow the data protection principles effectively and safeguard individual rights. Specifically, we will perform a Data Protection Impact Assessment (“DPIA”) when required under GDPR, for identifying and minimising the data processing risks of a project.

  • Security icon

    資安團隊

    Additionally, all our security measures form part of the overall Information Security Management System (“ISMS”) of SimplyBook.me Ltd, in line with the ISO/IEC 27001 standard.

  • Hipaa icon

    醫療數據隱私 / 受保護的健康資訊

    You may upload via notes to your account certain medical data or protected health information (as defined in the Health Insurance Portability & Accountability Act of 1996, “HIPAA”).

    For the purposes of providing our SimplyBook.me Software and services, we may have restricted access to such type of information and must comply with the applicable HIPAA regulations as a business associate.

    Have a look at how we are HIPAA compliant here

Read more about our security approach

VII. 共享您的個人資訊

In order to operate effectively as a company and also provide flawless services, products and features, we must share some of your personal data. The sharing is limited to the extent required for the specific purposes and for the period required in order to ensure our business operations. Therefore, our services to you will not be jeopardised and your rights are not infringed.

(a) Sharing for provision of our other services/products:

SimplyMeet.me 會議預約排程解決方案

我們是 SimplyMeet.me 解決方案的所有者,為您提供線上會議排程軟體,幫助您更輕鬆的安排會議預約。您可以點擊 此處 查看 SimplyMeet.me 官方網站及相關的法律文件。


SBPay Basic & Pro 金流整合服務

SBPay 金流整合服務視根據我們的 服務條約及條款 T&C 提供給使用者的服務,此功能讓我們的「接受付款」客製功能更加全面且完善。

為了提供任一版本的 SBPay 金流整合服務,我們將蒐集和儲存:所有處理的交易數據、時間、您的客戶姓名、付款金額、購買的內容(是否為重複性購買)、IP 位址與交易有關的金流平台等。

Note that we do not store full credit card information - in order to avoid identification of the card owner.

數據儲存於:德國(歐盟)的 Google Cloud 中。


Booking.Page 全球最大預約服務平台

SimplyBook.me Ltd 是 Booking.Page (預約目錄)的所有者及營運商,該網站在英國的 OVH 伺服器託管 - 閱讀更多關於 OVH 的 安全標準基礎設施和軟體資訊

我們已根據 標準合約條款 (SCC) 來處理相關數據,並且明確知會您相關資訊:當您明確允許在 Booking.Page 中發佈公司資訊、服務供應者資訊及評論等資料時,您同意將這些數據傳輸到 EEA 之外的範圍,並且以本條款的規定為基準。

(b) Sharing as part of the team.blue group:

SimplyBook.me is part of team.blue Group and we may share personal data of our users with other entities within the Group, subject to provisions of our internal Global Data Sharing Framework.

The team.blue Group, consisting of several brands and subsidiaries, can improve coordination and resource allocation by sharing data internally. This allows for more efficient collaboration on product, campaign, and customer service improvements. Personal data may be shared among team.blue Group companies for marketing statistics, internal administration, and reporting purposes, but only in an amount necessary for the intended use and with proper protective measures in place to prevent unauthorised access or disclosure.

(c) Sharing with sub-processors:

We have appointed sub-processors with which we will share your personal data such as:

appointed service providers, business partners, and third-party vendors who assist us in delivering our services

legal authorities, regulatory bodies, and other third parties when required by law.


All data processing activities with parties located within the EU and EEA are governed by the provisions of the GDPR and respective Data Processing Agreements.

When we transfer your personal data to a country not located in the EU or EEA:

we will check and ensure that specific legal mechanisms and safeguards are in place: and such us “adequate decision” for that jurisdiction, concluded “Standard Contractual Clauses” (“SCC”) or other;

we follow the recent developments in the law and do not rely on the Privacy Shield but the Data Privacy Framework, to the exent applicable and valid;

for our business operations which involve the transfer of personal data from the European Union (“EU”) and/or the European Economic Area (“EEA”) to the United Kingdom, we rely on the decision of the European Commission dated on the 28th day of June, 2021 (see more info here).

Find a list of sub-processors as part of our online DPA here.

Where there is a change to this list, we will notify you and you can submit any objection via email to legal@simplybook.me, within 15 days

VIII. Cookies and Third-Party Technologies (Statistics and analytics)

General Statements:

a) For the purposes of security and detection of fraudulent behaviour, SimplyBook.me Ltd has implemented an automated control system, which makes use of cookies and other similar tracking technologies, to track and analyse certain behaviour of the users on the site, associated with their IP addresses and other personal data associated with the browsing on the site. The consequence of such processing is that, if a visitor attempts to engage in fraudulent conduct on the site, for example in order to benefit several times from the same promotion without having the right to do so, SimplyBook.me Ltd reserves the right to exclude such person from the promotion or to take any other appropriate measure for its own protection.

b) Analytics activities by means of tracking through the use of cookies and similar technologies, aimed at verifying and measuring the quality and effectiveness of SimplyBok.me Ltd’s online advertising campaigns, in order to improve the performance of those campaigns, as well as the services offered by SimplyBook.me Ltd.

c) SimplyBook.me Ltd uses cookies for functional and statistical purposes, to detect fraudulent behaviour and to measure the effectiveness of advertising campaigns and services.

Statics and Analytics

For statistics and analytics we use Google analytics and Piwik (self hosted in France). We do not use this software to get personal data or relate it directly to users of our system but to give us an overall overview on how visitors interact with our system so we can make it better.

When we use the auxiliary system mentioned above, it is only in order to help with signing up and facilitating displaying you as a service provider or your company on a map. This information is generally available for clients unless this is disabled in settings in which case the address or maps are not shown to clients on the booking site or in the directory. These external systems do not store any personal recognisable data about you.

Cookies

Like most websites, we use cookies - a file containing an identifier, a string of letters and numbers that is sent by a web server to a web browser and is stored by the browser and is then sent back to the server each time the browser requests a page from the server. Cookies can be either “persistent” and be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; or “session” and will expire at the end of the user session, when the web browser is closed.

We wish to clarify here that cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies. If you need to know more, find everything in our Cookies Policy.

Leadinfo:

We use the lead generation service provided by Leadinfo B.V., Rotterdam, The Netherlands, which recognizes visits of companies to our website based on IP addresses and shows us related publicly available information, such as company names or addresses. In addition, Leadinfo places two first-party cookies for providing transparency on how our visitors use our website and the tool processes domains from provided form inputs (e.g. “leadinfo.com”) to correlate IP addresses with companies and to enhance its services.

For additional information, please visit www.leadinfo.com. On this page: www.leadinfo.com/en/opt-out you have an opt-out option. In the event of an opt-out, your data will no longer be used by Leadinfo.

IX. 行銷推廣溝通

In order to contact you for marketing and promotional purposes, we need to have your clear consent and also inform you how we will process your personal data for these purposes. Therefore, by clicking to receive updates for marketing and promotional purposes during the sign-up procedure, you hereby consent and allow us to use your personal data and contact you via email, SMS or instant messaging such as via WhatsApp.

Your personal data for marketing and communication purposes will be stored in our internal database only and we shall not share your personal data with third parties unless they act as our service providers and are part of our business operations. This means we have established collaboration, safeguarded by data protection and privacy provisions.

針對 使用系統之用戶溝通,,我們使用自托管的行銷自動化工具,來避免外部平台存取我們的用戶數據。因此,我們會在我們系統中追蹤用戶使用狀況,在用戶允許我們與他們進行聯繫時(透過勾選註冊流程中的行銷選項)在適當的時間點發送相關的電子郵件和系統更新資訊以協助用戶使用。

As part of our marketing efforts and in the legitimate interest of SimplyBook.me Ltd, we may send marketing emails or texts promoting similar products or services to our customers, in compliance with the soft opt-in exemption. This exemption allows us to contact our existing customers with offers for products or services that are similar to those they have previously purchased from us.

在所有情況下,您的個人數據都將根據我們的指示來處理(我們做為數據控制者),並遵守本政策之規範。我們不使用行銷自動化平台,也 不會 對您的個人數據進行任何自動決策的處理。

取消訂閱選項將適用於所有我們用於行銷目的的溝通管道。

X. 您的權益

根據 GDPR 規範,您為「資料當事人」並擁有以下可自由行使之權利:

存取的權利

修正的權利

刪除的權利

限制資料處理的權利

反對資料處理的權利

資料調閱的權利

向監管機構投訴的權利;

撤回同意的權利。

若您希望使用任何權利,請透過電子郵件 dpo@simplybook.meUKRepresentative@simplybook.me 與我們聯繫。


Read the below section when you are outside the EU or EEA and GDPR does not apply.

The rights of Users in Switzerland are in line with the Swiss Federal Act on Data Protection (FADP) and provisions herein and include: access to Personal Data; right to object to the processing of their Personal Data (which also allows Users to demand that processing of Personal Data be restricted, Personal Data be deleted or destroyed, specific disclosures of Personal Data to third parties be prohibited); right to receive their Personal Data and have it transferred to another controller (data portability); right to ask for incorrect Personal Data to be corrected.

The rights of Users in Brazil are in line with the "Lei Geral de Proteção de Dados" (LGPD) and provisions here.

The rights of Users in the USA, are in line with the California Consumer Privacy Act of 2018" (CCPA), as updated by the California Privacy Rights Act (CPRA) (collectively the “CCPA/CPRA”) and Virginia Consumer Data Protection Act (VCDPA), to the extent relevant and applicable to the business operations of SimplyBook.me.

SimplyBook.me Ltd DOES NOT sell or share the personal information of its Users and the above rights can be exercised by respective individuals via contact details provided above and free of charge and/or to the extent applicable via your Account, subject to certain conditions and exceptions, to the extent SimplyBook.me Ltd must comply with the relevant law/regulation. The provisions above supersedes any other possibly divergent or conflicting information contained herein.

XI. 隱私權變更記錄

我們可能會隨時調整文件內容,以反映法律或相關執行方式的改變。請密切關注我們的網站以獲得任何更新。若我們有任何重大修改,也會主動通知您。

Last update: 28/02/2024

Version: 3.0

先前的通用版本,可參考